CVE-2025-29828

Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*

History

10 Jul 2025, 13:50

Type Values Removed Values Added
First Time Microsoft
Microsoft windows Server 2022 23h2
Microsoft windows 11 24h2
Microsoft windows 11 23h2
Microsoft windows Server 2022
Microsoft windows Server 2025
Microsoft windows 11 22h2
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29828 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29828 - Vendor Advisory
CPE cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*

12 Jun 2025, 16:06

Type Values Removed Values Added
Summary
  • (es) La falta de liberación de memoria después de un tiempo de vida útil efectivo en los Servicios criptográficos de Windows permite que un atacante no autorizado ejecute código a través de una red.

10 Jun 2025, 17:21

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-10 17:21

Updated : 2025-07-10 13:50


NVD link : CVE-2025-29828

Mitre link : CVE-2025-29828

CVE.ORG link : CVE-2025-29828


JSON object : View

Products Affected

microsoft

  • windows_11_23h2
  • windows_11_22h2
  • windows_11_24h2
  • windows_server_2025
  • windows_server_2022
  • windows_server_2022_23h2
CWE
CWE-401

Missing Release of Memory after Effective Lifetime